We keep our credentials and secrets in .env files, env variables, and config files. We share that data often in an insecure way. We rarely think about if we are making it easy for someone to access our data. Do you understand what happens after the breach?

This talk looks into the business repercussions of weak secrets management; we go over the typical patterns of use and why they might be harmful. We shall also look at ways to improve this situation and decrease the fallout in case the worst happens.

Comments

Please login to leave a comment

Intresting. Nice feedback

Now l'm afraid and still not entirely sure how to make things better.

A good refresher but in my opinion it lacked a real code example. I would love to see how you implemented vault to store your secrets.